<para>
Beyond PowerDNS 2.9.20, the Authoritative Server and Recursor are released separately.
</para>
+ <sect2 id="changelog-recursor-3.6.1"><title>PowerDNS Recursor 3.6.1</title>
+ <warning>
+ <para>
+ Version 3.6.1 is a mandatory security upgrade to 3.6.0! Released on the 10th of September 2014.
+ </para>
+ </warning>
+ <para>
+ PowerDNS Recursor 3.6.0 could crash with a specific sequence of packets. For more details, see
+ <xref linkend="powerdns-advisory-2014-01"/>. PowerDNS Recursor 3.6.1 was very well tested, and is in full
+ production already, so it should be a safe upgrade.
+ </para>
+ <para>
+ Downloads:
+ <itemizedlist>
+ <listitem>
+ <para>
+ <ulink url="https://www.powerdns.com/downloads.html">Official download page</ulink>
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ <para>
+ In addition to various fixes related to this potential crash, 3.6.1 fixes a few minor issues and adds
+ a debugging feature:
+ <itemizedlist>
+ <listitem>
+ <para>
+ We could not encode IPv6 AAAA records that mapped to IPv4 addresses in some cases (:ffff.1.2.3.4).
+ Fixed in gc90fcbd , closing t1663.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Improve systemd startup timing with respect to network availability (gcf86c6a), thanks to Morten Stevens.
+ </para>
+ </listitem>
+ <listitem>
+ <para>
+ Realtime telemetry can now be enabled at runtime, for example with 'rec_control carbon-server 82.94.213.34 ourname1234'.
+ This ties in to our existing carbon-server and carbon-ourname settings, but now at runtime. This specific
+ invocation will make your stats appear automatically on our <ulink url="http://xs.powerdns.com/metronome/?server=pdns.xs.recursor&beginTime=-3600">public telemetry server</ulink>.
+ </para>
+ </listitem>
+ </itemizedlist>
+ </para>
+ </sect2>
<sect2 id="changelog-auth-3.4.0"><title>PowerDNS Authoritative Server 3.4.0</title>
<warning>
<para>
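Review bot: The IPv4-mapped example in the first changelog item, "(:ffff.1.2.3.4)", is not a valid IPv6 literal; the mapped form is written "::ffff:1.2.3.4", and the text should use that. In the telemetry item, the rec_control example sends statistics to 82.94.213.34, which the same paragraph calls a public telemetry server, so it is worth stating outright that running the command verbatim publishes the resolver's stats, and that operators with their own collector should substitute its address. The ulink URL in that item also shows a bare "&" before beginTime; inside an XML attribute it needs to be "&amp;" for the DocBook to stay well-formed.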
</para>
</sect1>
<sect1 id="powerdns-advisory-2008-03">
- <title>PowerDNS Security Advisory 2008-02: Some PowerDNS Configurations can be forced to restart remotely</title>
+ <title>PowerDNS Security Advisory 2008-03: Some PowerDNS Configurations can be forced to restart remotely</title>
<para>
<table>
<title>PowerDNS Security Advisory</title>
Aki Tuomi for helping us reproduce the problem.
</para>
</sect1>
+ <sect1 id="powerdns-advisory-2014-01">
+ <title>PowerDNS Security Advisory 2014-01: PowerDNS Recursor 3.6.1 can be crashed remotely</title>
+ <para>
+ <table>
+ <title>PowerDNS Security Advisory</title>
+ <tgroup cols="2">
+ <tbody>
+ <row>
+ <entry>
+ CVE
+ </entry>
+ <entry>
+ CVE-2014-3614
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Date
+ </entry>
+ <entry>
+ 10th of September 2014
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Credit
+ </entry>
+ <entry>
+ Dedicated PowerDNS users willing to study a crash that happens once every few months (thanks)
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Affects
+ </entry>
+ <entry>
+ Only PowerDNS Recursor version 3.6.0.
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Not affected
+ </entry>
+ <entry>
+ No other versions of PowerDNS Recursor, no versions of PowerDNS Authoritative Server
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Severity
+ </entry>
+ <entry>
+ High
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Impact
+ </entry>
+ <entry>
+ Crash
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Exploit
+ </entry>
+ <entry>
+ The sequence of packets required is known
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Risk of system compromise
+ </entry>
+ <entry>
+ No
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Solution
+ </entry>
+ <entry>
+ Upgrade to PowerDNS Recursor 3.6.1
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Workaround
+ </entry>
+ <entry>
+ Restrict service using allow-from, install script that restarts PowerDNS
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+ </para>
+ <para>
+Recently, we've discovered that PowerDNS Recursor 3.6.0 (but NOT earlier)
+can crash when exposed to a specific sequence of malformed packets. This
+sequence happened spontaneously with one of our largest deployments, and
+the packets did not appear to have a malicious origin.
+</para><para>
+Yet, this crash can be triggered remotely, leading to a denial of service
+attack. There appears to be no way to use this crash for system compromise
+or stack overflow.
+</para>
+<para>
+Upgrading to 3.6.1 solves the issue.
+</para>
+<para>
+In addition, if you want to apply a minimal fix to your own tree, it can be found
+<ulink url="https://xs.powerdns.com/tmp/minipatch-3.6.1">here</ulink>
+</para>
+<para>
+As for workarounds, only clients in allow-from are able to trigger the crash,
+so this should be limited to your userbase. Secondly,
+<ulink url="https://github.com/PowerDNS/pdns/blob/master/contrib/upstart-recursor.conf">this</ulink>
+and
+<ulink url="https://github.com/PowerDNS/pdns/blob/master/contrib/systemd-pdns-recursor.service">this</ulink>
+can be used to enable Upstart and Systemd to restart the PowerDNS Recursor
+automatically.
+
+ </para>
+ </sect1>
+
<sect1 id="thanks-to"><title>Acknowledgements</title>
<para>
PowerDNS is grateful for the help of the following people or institutions:
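Review bot: The new advisory title reads "PowerDNS Recursor 3.6.1 can be crashed remotely", but the table in the same section lists "Only PowerDNS Recursor version 3.6.0" under Affects and "Upgrade to PowerDNS Recursor 3.6.1" under Solution, so the title names the fixed release as the vulnerable one and should say 3.6.0. The Workaround row and the closing paragraph could also say the same thing more precisely: allow-from narrows who can trigger the crash but does not prevent it, and the Upstart/Systemd units only restart the daemon after it has crashed. The body paragraphs from "Recently, we've discovered" onward drop the indentation used by the rest of the section, and the minimal-patch link text "here" would be easier to find and audit if it named the patch.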